Bring Your Own Kubernetes

The Bring Your Own Kubernetes (BYOK) offering allows you to take a Kubernetes cluster and plug it into the Control Plane Cloud Platform. It works by installing a few additional components into the cluster and then it registers as a new Location in the API for your Org(s). Any Workloads that are configured for that Location will be managed by Control Plane and roll out onto your cluster. You get all the benefits of Control Plane with the added flexibility and security of running in your own cloud account or data center.

Setup Procedure

To begin the setup process, please contact customer support on your slack channel. They will need a few details in order to build a setup package for your cluster.

• Kubernetes Version
• Cloud Provider or Datacenter Location
• Orgs the cluster will be allowed to use this Location
• Location Name
• Availability Zone Names
• Nodepool details

Requirements

• Minimum 2 CPUs per node (4 CPUs or more recommended)
• Minimum 8 GB of RAM per node (16 GB or more recommended)
• Minimum 2 nodes per cluster (3 or more recommended)
• Node processor architecture: x86
• Supports the three most recent minor releases of Kubernetes for installation. For information on Kubernetes releases, click here.
• Full network connectivity between all nodes in the cluster (either public or private network)
• Enable egress access for all nodes (contact customer support for alternatives if this is not feasible)
• Exclude service-mesh from your cluster. Control Plane provides an out-of-the-box Istio-based service-mesh
• Label at least one nodegroup in the cluster with cpln.io/nodeType=core. This label deploys critical system pods and workloads managed by the Control Plane Platform.

Cloud Provider Recommendations

GKE

• Private Cluster: Enabled
• Default SNAT: Enabled
• Stack type: IPv4
• VPC-native traffic routing: Enabled
• Intranode visibility: Disabled
• HTTP Load Balancing: Enabled
• Calico Network Policy: Enabled
• DNS provider: Cloud DNS
• Shielded GKE Nodes: Enabled
• Application -layer secrets encryption: Enabled
• Compute Engine persistent disk CSI Driver: Enabled
• Service Mesh: Disabled

EKS

• Enabled Add-ons:
  • Amazon VPC CNI
  • kube-proxy
  • CoreDNS
  • Amazon EBS CSI Driver

Settings

When using a BYOK Location with Control Plane there are additional settings available to control the behavior of that location.

• Actuator Settings: Actuator settings are used to control ingress for the BYOK Location.
• Workload Settings: Additional workload settings when using a BYOK Location.
• Volume Set Settings: Additional volume set settings when using a BYOK Location.

Guides

• Configure a Content Delivery Network (CDN) Domain.